Siemens: >> Scalance M874-3 Firmware >> 7.1.2 Security Vulnerabilities
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-12-13
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
CVSS Score
2.7
EPSS Score
0.002
Published
2022-12-13
Page 2